Merge pull request #19 from internet2/CSPWB-3

Addition of wordpress as provisioning target

Workbench/docker-compose.yml

@@ -288,7 +288,31 @@ services:
      - net
     ports:
      - 443:443
+
+  wordpress_server:
+    build: ./wordpress_server/
+    container_name: wordpress_server
+    networks:
+      - net
+    depends_on:
+      - wordpress_data
+    command: bash -c 'if [ ! -s /var/www/html/wp-config.php ];  then while ! nc -z  wordpress_data 3306 ; do echo waiting for mysql on wordpress_data to start; sleep 3; done; /root/wp core download --allow-root && sleep 10 && /root/wp config create --dbname=wordpress --dbuser=wordpress --dbpass=54y6RxN7GfC7aes3 --dbhost=wordpress_data --allow-root; sleep 3 && /root/wp core install --url="http://localhost/" --title="wordpress" --admin_user="admin" --admin_password="54y6RxN7GfC7aes3" --admin_email="sentrifugo.container@gmail.com" --allow-root && /root/wp --allow-root rewrite structure "/%postname%" --hard --debug; /root/wp  rewrite flush --hard --debug --allow-root && sed -i "s/<\/IfModule>/RewriteCond \%{HTTP:Authorization} \^\(\.\*\)\nRewriteRule \^\(\.\*\) - [E=HTTP_AUTHORIZATION:\%1]\n<\/IfModule>\nSetEnvIf Authorization "\(\.\*\)" HTTP_AUTHORIZATION=\$$1/" /var/www/html/.htaccess && /root/sed.sh && /root/wp plugin install jwt-authentication-for-wp-rest-api  --activate --allow-root && /root/wp plugin install wp-rest-api-log --activate --allow-root && /root/wp plugin install shibboleth --activate --allow-root; fi; /usr/local/bin/startup.sh;'
+    ports:
+      - "80:80"
+    devices:
+      - "/dev/tty:/dev/tty"
+    volumes:
+      - wordpress_server:/var/www/html
 
+  wordpress_data:
+    build: ./wordpress_data/
+    container_name: wordpress_data
+    networks:
+      - net
+    volumes:
+      - wordpress_data:/var/lib/mysql
+    ports:
+      - 3306
   comanage:
     build: 
       context: ./comanage/
@@ -302,7 +326,6 @@ services:
     ports:
      - 11443:443
 
-
 networks:
   net:    
     driver: bridge
@@ -345,4 +368,7 @@ volumes:
   midpoint_mysql:
   midpoint_home:
   mq:
+  wordpress_data:
+  wordpress_server:
+
 

Workbench/midpoint_server/container_files/mp-home/post-initial-objects/roles/200-role-editor.xml

@@ -0,0 +1,67 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<objects xmlns="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
+	xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
+	xmlns:org="http://midpoint.evolveum.com/xml/ns/public/common/org-3">
+	<role xmlns="http://midpoint.evolveum.com/xml/ns/public/common/common-3" xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3" xmlns:icfs="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/resource-schema-3" xmlns:org="http://midpoint.evolveum.com/xml/ns/public/common/org-3" xmlns:q="http://prism.evolveum.com/xml/ns/public/query-3" xmlns:ri="http://midpoint.evolveum.com/xml/ns/public/resource/instance-3" xmlns:t="http://prism.evolveum.com/xml/ns/public/types-3" oid="9e5a82fc-7969-4fd8-9f74-e0857969cdbb" version="1">
+    <name>Editor</name>
+    <metadata>
+        <requestTimestamp>2020-07-20T14:36:12.953Z</requestTimestamp>
+        <createTimestamp>2020-07-20T14:36:12.972Z</createTimestamp>
+        <createChannel>http://midpoint.evolveum.com/xml/ns/public/gui/channels-3#init</createChannel>
+        <modifyTimestamp>2020-07-20T15:14:49.494Z</modifyTimestamp>
+        <modifierRef oid="00000000-0000-0000-0000-000000000002" relation="org:default" type="c:UserType">
+            <!-- administrator -->
+        </modifierRef>
+        <modifyChannel>http://midpoint.evolveum.com/xml/ns/public/gui/channels-3#user</modifyChannel>
+    </metadata>
+    <operationExecution id="1">
+        <timestamp>2019-03-29T17:20:56.764Z</timestamp>
+        <operation>
+            <objectDelta>
+                <t:changeType>add</t:changeType>
+                <t:objectType>c:RoleType</t:objectType>
+            </objectDelta>
+            <executionResult>
+                <operation>com.evolveum.midpoint.model.impl.lens.ChangeExecutor.executeDelta</operation>
+                <status>success</status>
+                <token>1000000000000003970</token>
+            </executionResult>
+            <objectName>Editor</objectName>
+        </operation>
+        <status>success</status>
+        <initiatorRef oid="00000000-0000-0000-0000-000000000002" relation="org:default" type="c:UserType">
+            <!-- administrator -->
+        </initiatorRef>
+        <channel>http://midpoint.evolveum.com/xml/ns/public/gui/channels-3#user</channel>
+    </operationExecution>
+    <iteration>0</iteration>
+    <iterationToken/>
+    <activation>
+        <administrativeStatus>enabled</administrativeStatus>
+        <effectiveStatus>enabled</effectiveStatus>
+        <enableTimestamp>2020-07-20T14:36:12.967Z</enableTimestamp>
+    </activation>
+    <displayName>Wordpress Editor</displayName>
+    <inducement id="2">
+        <construction>
+            <resourceRef oid="dd683dd5-b7b0-414c-a1d9-7039340ad70b" relation="org:default" type="c:ResourceType">
+                <!-- wordpress -->
+            </resourceRef>
+            <attribute id="3">
+                <c:ref xmlns:ri="http://midpoint.evolveum.com/xml/ns/public/resource/instance-3">ri:roles</c:ref>
+                <outbound>
+                    <strength>strong</strength>
+                    <source>
+                        <c:path>$containingObject/name</c:path>
+                    </source>
+                    <expression>
+                        <value>editor</value>
+                    </expression>
+                </outbound>
+            </attribute>
+        </construction>
+        <order>2</order>
+    </inducement>
+</role>
+
+</objects>

Workbench/midpoint_server/container_files/mp-home/post-initial-objects/roles/300-direct-wordpress-role-editor.xml

@@ -0,0 +1,62 @@
+<role xmlns="http://midpoint.evolveum.com/xml/ns/public/common/common-3" xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3" xmlns:icfs="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/resource-schema-3" xmlns:org="http://midpoint.evolveum.com/xml/ns/public/common/org-3" xmlns:q="http://prism.evolveum.com/xml/ns/public/query-3" xmlns:ri="http://midpoint.evolveum.com/xml/ns/public/resource/instance-3" xmlns:t="http://prism.evolveum.com/xml/ns/public/types-3" >
+    <name>Direct Wordpress Editor Role</name>
+    <metadata>
+        <requestTimestamp>2019-03-29T17:20:56.643Z</requestTimestamp>
+        <requestorRef oid="00000000-0000-0000-0000-000000000002" relation="org:default" type="c:UserType">
+            <!-- administrator -->
+        </requestorRef>
+        <createTimestamp>2019-03-29T17:20:56.702Z</createTimestamp>
+        <creatorRef oid="00000000-0000-0000-0000-000000000002" relation="org:default" type="c:UserType">
+            <!-- administrator -->
+        </creatorRef>
+        <createChannel>http://midpoint.evolveum.com/xml/ns/public/gui/channels-3#user</createChannel>
+    </metadata>
+    <operationExecution id="1">
+        <timestamp>2019-03-29T17:20:56.764Z</timestamp>
+        <operation>
+            <objectDelta>
+                <t:changeType>add</t:changeType>
+                <t:objectType>c:RoleType</t:objectType>
+            </objectDelta>
+            <executionResult>
+                <operation>com.evolveum.midpoint.model.impl.lens.ChangeExecutor.executeDelta</operation>
+                <status>success</status>
+                <token>1000000000000003970</token>
+            </executionResult>
+            <objectName>Editor</objectName>
+        </operation>
+        <status>success</status>
+        <initiatorRef oid="00000000-0000-0000-0000-000000000002" relation="org:default" type="c:UserType">
+            <!-- administrator -->
+        </initiatorRef>
+        <channel>http://midpoint.evolveum.com/xml/ns/public/gui/channels-3#user</channel>
+    </operationExecution>
+    <activation>
+        <administrativeStatus>enabled</administrativeStatus>
+        <effectiveStatus>enabled</effectiveStatus>
+        <enableTimestamp>2019-03-29T17:20:56.652Z</enableTimestamp>
+    </activation>
+    <iteration>0</iteration>
+    <iterationToken/>
+    <displayName>Direct Wordpress Editor</displayName>
+    <inducement id="2">
+        <construction>
+            <resourceRef oid="dd683dd5-b7b0-414c-a1d9-7039340ad70b" relation="org:default" type="c:ResourceType">
+                <!-- wordpress -->
+            </resourceRef>
+            <attribute id="3">
+                <c:ref>ri:roles</c:ref>
+                <outbound>
+                    <strength>strong</strength>
+                    <source>
+                        <c:path>$containingObject/name</c:path>
+                    </source>
+                    <expression>
+                        <value>editor</value>
+                    </expression>
+                </outbound>
+            </attribute>
+        </construction>
+    </inducement>
+</role>
+

Workbench/wordpress_data/Dockerfile

@@ -0,0 +1,15 @@
+from mariadb:latest
+RUN apt-get update
+#RUN apt-get install wget gcc libmysql++-dev librabbitmq-dev pkg-config libbsd-dev -y
+#ENV MYSQL_RANDOM_ROOT_PASSWORD=true
+ENV MYSQL_ROOT_PASSWORD=54y6RxN7GfC7aes3
+ENV MYSQL_DATABASE=wordpress
+ENV MYSQL_USER=wordpress
+ENV MYSQL_PASSWORD=54y6RxN7GfC7aes3
+#WORKDIR /tmp
+#RUN wget https://github.com/ssimicro/lib_mysqludf_amqp/releases/download/v2.0.0/lib_mysqludf_amqp-2.0.0.tar.gz
+#RUN tar zxf lib_mysqludf_amqp-2.0.0.tar.gz
+#WORKDIR /tmp/lib_mysqludf_amqp-2.0.0
+#RUN ./configure  && make  && make install #mysql -u root --password=54y6RxN7GfC7aes3 < installdb.sql
+RUN cat /etc/resolv.conf
+EXPOSE 3306

Workbench/wordpress_server/Dockerfile

@@ -0,0 +1,45 @@
+FROM tier/shibboleth_sp:3.0.4_03122019
+
+VOLUME /var/www/html
+
+RUN mkdir /opt/tier/.wp-cli
+#COPY container_files/wordpress/000-default.conf /etc/apache2/sites-available/
+COPY container_files/wordpress/sed.sh /root
+COPY container_files/wordpress/wp /root
+COPY container_files/wordpress/config.yml /root/.wp-cli
+COPY container_files/wordpress/wp-cli.yml /var/www/html
+
+RUN chmod +x /root/wp
+RUN yum update -y 
+RUN yum install -y http://rpms.remirepo.net/enterprise/remi-release-7.rpm \
+    && yum install yum-utils \
+    && yum-config-manager --enable remi-php72 \
+    && yum install -y php php-gd mariadb wget php-mysql postfix nc
+RUN echo 'date.timezone="UTC"' >> /etc/php.ini
+#RUN echo 'nameserver 127.0.0.11' > /etc/resolv.conf
+RUN /etc/shibboleth/keygen.sh -o /etc/shibboleth/ -y 10 -n sp-encrypt -f \
+     && /etc/shibboleth/keygen.sh -o /etc/shibboleth/ -y 10 -n sp-signing -f
+
+#RUN cd /root \
+#    && wget https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar \
+#    && chmod +x wp-cli.phar
+
+RUN cat /etc/resolv.conf
+WORKDIR /var/www/html
+#RUN /root/wp-cli.phar core download 
+#    && sleep 3 \
+#    && cat /etc/resolv.conf \
+#    && cat /etc/hosts \
+#    && /root/wp-cli.phar  config create --dbname=wordpress --dbuser=wordpress --dbpass=54y6RxN7GfC7aes3 --dbhost=wordpress_data2 \
+#    && sleep 15 \
+#    && /root/wp-cli.phar core install --url="http://localhost/" --title="wordpress" --admin_user="admin" --admin_password="54y6RxN7GfC7aes3" --admin_email="sentrifugo.container@gmail.com" --allow-root \
+#    && /root/wp-cli.phar  plugin install jwt-authentication-for-wp-rest-api  --activate --allow-root \
+#    && /root/wp-cli.phar  plugin install shibboleth --activate --allow-root \
+#    && /root/wp-cli.phar  plugin install wp-rest-api-log --activate --allow-root
+
+#RUN sed -i "s/<\/IfModule>/RewriteCond \%{HTTP:Authorization} \^\(\.\*\)\nRewriteRule \^\(\.\*\) - [E=HTTP_AUTHORIZATION:\%1]\n<\/IfModule>\nSetEnvIf Authorization "\(\.\*\)" HTTP_AUTHORIZATION=\$$1/" /var/www/html/.htaccess \
+#    && sed -i "s/define( 'DB_COLLATE', '' );/define( 'DB_COLLATE', '' );\ndefine('JWT_AUTH_SECRET_KEY', 'your-top-secret-key');\ndefine('JWT_AUTH_CORS_ENABLE', true);\n/" /var/www/html/wp-config.php \
+#    && sed -i "s/RewriteBase \//RewriteBase \/\nRewriteRule \^wp-json\/\(\.\*\) \/?rest_route=\/\$1 \[L\]\n/" /var/www/html/.htaccess 
+
+
+RUN chown -R apache:apache /var/www/html

Workbench/wordpress_server/container_files/wordpress/000-default.conf

@@ -0,0 +1,32 @@
+<VirtualHost *:80>
+	# The ServerName directive sets the request scheme, hostname and port that
+	# the server uses to identify itself. This is used when creating
+	# redirection URLs. In the context of virtual hosts, the ServerName
+	# specifies what hostname must appear in the request's Host: header to
+	# match this virtual host. For the default virtual host (this file) this
+	# value is not decisive as it is used as a last resort host regardless.
+	# However, you must set it for any further virtual host explicitly.
+	#ServerName www.example.com
+
+	ServerAdmin webmaster@localhost
+	DocumentRoot /var/www/html
+
+	# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
+	# error, crit, alert, emerg.
+	# It is also possible to configure the loglevel for particular
+	# modules, e.g.
+	#LogLevel info ssl:warn
+
+	ErrorLog ${APACHE_LOG_DIR}/error.log
+	CustomLog ${APACHE_LOG_DIR}/access.log combined
+
+	# For most configuration files from conf-available/, which are
+	# enabled or disabled at a global level, it is possible to
+	# include a line for only one particular virtual host. For example the
+	# following line enables the CGI configuration for this host only
+	# after it has been globally disabled with "a2disconf".
+	#Include conf-available/serve-cgi-bin.conf
+        HttpProtocolOptions Unsafe
+</VirtualHost>
+
+# vim: syntax=apache ts=4 sw=4 sts=4 sr noet

Workbench/wordpress_server/container_files/wordpress/config.yml

@@ -0,0 +1,3 @@
+apache_modules:
+  - mod_rewrite
+

Workbench/wordpress_server/container_files/wordpress/sed.sh

@@ -0,0 +1,9 @@
+#!/bin/bash
+#echo "define('JWT_AUTH_SECRET_KEY', 'your-top-secret-key');" >> /var/www/html/wp-config.php; 
+#echo "define('JWT_AUTH_CORS_ENABLE', true);" >> /var/www/html/wp-config.php
+sed -i "s/define( 'DB_COLLATE', '' );/define( 'DB_COLLATE', '' );\ndefine('JWT_AUTH_SECRET_KEY', 'your-top-secret-key');\ndefine('JWT_AUTH_CORS_ENABLE', true);\n/" /var/www/html/wp-config.php
+sed -i "s/RewriteBase \//RewriteBase \/\nRewriteRule \^wp-json\/\(\.\*\) \/?rest_route=\/\$1 \[L\]\n/" /var/www/html/.htaccess
+sed -i 's/RewriteRule \. \/index\.php \[L\]/RewriteCond %{REQUEST_URI} !\\\.sso\/\nRewriteRule \. \/index\.php \[L\]/' /var/www/html/.htaccess
+sed -i 's/AllowOverride None/AllowOverride All/'  /etc/httpd/conf/httpd.conf
+sed -i 's/IncludeOptional conf.d\/\*.conf/IncludeOptional conf.d\/\*.conf\nHttpProtocolOptions Unsafe/' /etc/httpd/conf/httpd.conf
+

Workbench/wordpress_server/container_files/wordpress/wp-cli.yml

@@ -0,0 +1,3 @@
+apache_modules:
+  - mod_rewrite
+

Workbench/wordpress_server/wordpress_data/Dockerfile

@@ -0,0 +1,15 @@
+from mariadb:latest
+RUN apt-get update
+#RUN apt-get install wget gcc libmysql++-dev librabbitmq-dev pkg-config libbsd-dev -y
+#ENV MYSQL_RANDOM_ROOT_PASSWORD=true
+ENV MYSQL_ROOT_PASSWORD=54y6RxN7GfC7aes3
+ENV MYSQL_DATABASE=wordpress
+ENV MYSQL_USER=wordpress
+ENV MYSQL_PASSWORD=54y6RxN7GfC7aes3
+#WORKDIR /tmp
+#RUN wget https://github.com/ssimicro/lib_mysqludf_amqp/releases/download/v2.0.0/lib_mysqludf_amqp-2.0.0.tar.gz
+#RUN tar zxf lib_mysqludf_amqp-2.0.0.tar.gz
+#WORKDIR /tmp/lib_mysqludf_amqp-2.0.0
+#RUN ./configure  && make  && make install #mysql -u root --password=54y6RxN7GfC7aes3 < installdb.sql
+RUN cat /etc/resolv.conf
+EXPOSE 3306